CVE-2024-33869: Ghostscript path traversal via unresolved symlinks in SAFER mode

CVE-2023-43115: Ghostscript IJS device SAFER bypass allowing path traversal and arbitrary command execution

CVE-2023-43115: Ghostscript IJS device bypasses SAFER, allowing path-traversal arbitrary file write and RCE

CVE-2021-45944: Use-after-free in Ghostscript sampled_data_finish via moving GC interior-pointer invalidation

CVE-2020-15900: Ghostscript zbitshift integer overflow via off-by-one shift range check

CVE-2020-15900 — rsearch post-string size off-by-one in Ghostscript 9.52

Ghostscript CVE-2020-15900: Integer Overflow in PostScript Calculator bitshift Operator

CVE-2020-15900: Integer overflow (signed left-shift UB) in Ghostscript bitshift PostScript operator

CVE-2020-15900: Ghostscript zbitshift signed integer overflow / UB in PostScript bitshift operator

CVE-2020-15900: Integer Underflow in Ghostscript rsearch Operator

CVE-2024-29510: Ghostscript uniprint device format-string vulnerability

CVE-2023-36664: Command Injection in Ghostscript Pipe Device

CVE-2023-43115: Ghostscript IJS device SAFER sandbox bypass via path traversal + command injection

CVE-2023-43115: Ghostscript IJS device path-traversal/sandbox-escape via subprocess file delegation

CVE-2023-43115: Ghostscript IJS device bypasses -dSAFER (path-traversal + RCE)

CVE-2023-43115: Ghostscript IJS device bypasses SAFER path validation

CVE-2023-43115 — Ghostscript IJS device bypasses SAFER for OutputFile and IjsServer

CVE-2023-43115 Ghostscript IJS device SAFER bypass via IjsServer / sh -c

CVE-2023-43115: Ghostscript IJS device bypasses SAFER sandbox for output file path traversal

CVE-2023-43115: Ghostscript IJS device skips SAFER path validation